Platform Engineer

We ARE Recruitment Group
Brussels, Belgium
2 days ago

Role details

Contract type
Permanent contract
Employment type
Full-time (> 32 hours)
Working hours
Regular working hours
Languages
English

Job location

Brussels, Belgium

Tech stack

API
Computing Platforms
User Authentication
Backup Devices
Bash
Cluster Analysis
Computer Networks
Continuous Delivery
Continuous Integration
Software Debugging
Noise Reduction
DNS
Monitoring of Systems
PostgreSQL
MongoDB
Object-Oriented Software Development
Open Source Technology
Role-Based Access Control
Redis
Prometheus
Reverse Proxy
TCP/IP
Management of Software Versions
Software Vulnerability Management
YAML
Cloud Platform System
Autoscaling
Grafana
GIT
Kubernetes
Infrastructure Automation Frameworks
Hashicorp
Azure
Api Gateway
Oracle Cloud Infrastructure
Software Version Control
Dynatrace
Docker
Vulnerability Analysis
Artifactory

Job description

The Platform Engineer in the Consumer Centricity Platform Operations team is responsible for the reliable, secure, and stable operation of the organization's high-availability cloud platform, built on Kubernetes and composed of multiple in-house platform components.

The role focuses on platform lifecycle management, day-2 operations, incident response, and operational excellence, ensuring that customer-facing Web UIs and APIs remain available, performant, and secure 24/7.

The Platform Engineer acts as a technical custodian of the platform, providing a stable foundation on which service teams can safely deploy and operate their workloads.

Primary Objectives

Maintain platform availability and reliability in accordance with SLOs/SLAs Ensure operational readiness of all environments (DEV / TEST / ACC / PROD) Provide 24/7 operational coverage for critical platform services (via on-call) Ensure the platform is observable, secure, well-controlled and documented Execute platform changes, upgrades, and maintenance in a predictable and low-risk manner, Troubleshoot Kubernetes-related failures: Pod lifecycle issues, networking problems, resource starvation Controlled rollouts with rollback plans Reliability & 24/7 Incident Response

Participate in the 24/7 on-call rotation for critical services (incident responder) Lead or contribute to: Incident triage and mitigation Root Cause Analysis (RCA) Post-incident action tracking and follow-up Maintain and improve runbooks and operational procedures Observability & Monitoring

Operate (and use) the open-source observability platform Ensure effective observability across the platform: Metrics, logs, and distributed traces Actionable alerts Reduced false positives Support incident analysis through correlation and telemetry inspection Change, Release & Maintenance Management

Plan and execute platform changes Follow structured change management practices Stakeholder communication Ensure platform changes are documented and auditable Security & Compliance (Operational Focus)

Operate platform security controls: RBAC, network boundaries, secret mgmt. Apply security updates and patches to platform components Support vulnerability remediation efforts Provide operational evidence for audits and security reviews Automation & Operational Improvement

Automate repetitive operational tasks where appropriate Reduce operational risk through standardization and documented procedures Platform as Code approach (GitOps), Sync waves & hooks Drift detection & reconciliation Multi-environment promotion workflows Git-based deployment strategy with version management Declarative platform design with PR-driven changes YAML-based CI/CD pipelines with Harness.io Secure secret handling in CI/CD (with HashiCorp) Packaging & Configuration

Helm (advanced chart authoring) Reusable library charts OCI-based registries Values layering strategy Kustomize overlays for multi-environment isolation and strategic patches Container & Artifact Management

Docker (secure multi-stage builds, optimization) Harbor (RBAC, replication, vulnerability scanning) JFrog Artifactory (Docker & Helm registry management) Artifact versioning & promotion strategy Secrets & Security

Requirements

Technical skills

Kubernetes (Deep Production Expertise)

Multi-cluster architecture & lifecycle management RBAC & least-privilege design Network policies & traffic segmentation Stateful workloads & storage strategy (CSI, PV/PVC) Autoscaling (HPA/VPA) & resource tuning Pod Security Standards Admission controllers Performance & reliability troubleshooting Cluster-level debugging (networking, DNS, scheduling, OOM, crash loops) GitOps & Continuous Delivery, HashiCorp Vault for dynamic secrets with CSI integration Image vulnerability scanning integration Supply chain security awareness TLS & certificate lifecycle management RBAC governance Observability & Reliability

OpenTelemetry (metrics, logs, traces) Prometheus or VictoriaMetrics (recording rules, HA setup) Loki (log aggregation & LogQL) Tempo (distributed tracing) Grafana (advanced dashboards & alerting) SLI/SLO design & error budget thinking Alert noise reduction strategy Networking (Advanced)

TCP/IP & DNS fundamentals TLS & mTLS concepts Kubernetes Services, Ingress & Reverse Proxy concepts East-west vs north-south traffic API routing & traffic management Network Policies implementation Automation

Advanced Bash scripting Infrastructure automation mindset Nice to Have

Kong API Gateway (api routing, plugins, authentication, rate limiting) Redis (operational knowledge: deployment, persistence, clustering, backups) PostgreSQL (migrations, backups, HA basics, Kubernetes deployment patterns) MongoDB (replica sets, backups, Kubernetes deployment patterns) Kargo on top

Apply for this position